PowerShell Power‑Pack: 10 Must‑Use Commands for Lightning‑Fast Network Troubleshooting

Hey there, tech whizzes! 

PowerShell is a powerhouse for any Windows administrator. Plus, it’s great for keeping an eye on Windows network settings and services. Windows PowerShell has truly changed the game for the Windows command line! Whether you’re managing configurations, installing software, or scripting, 


Let's dive in and explore the top 10 commands you can use to debug network-related issues.


If you're already comfortable with PowerShell, you know it's a powerful ally for troubleshooting network hiccups. Below is a friendly rundown of the top 10 PowerShell commands you'll want in your toolbox for network troubleshooting. Each entry comes with a short description, the most useful parameters, and a real-world example that you can copy-paste right into your console.

Pro tip: Run these commands in an elevated PowerShell session (Run as Administrator) whenever you’re dealing with firewall rules or packet captures.





1. Test-Connection  

What it does: A modern, flexible ping – returns objects you can pipe and filter.  

Key parameters: -ComputerName, -Count, -Delay, -Quiet (just a Boolean)  

Example: Test-Connection -ComputerName google.com -Count 4  


Why use it? Quick “is the host alive?” check, plus you can pipe results to Where-Object for advanced filtering.


2. Test-NetConnection  

What it does: Tests connectivity and specific ports (TCP/UDP).  

Key parameters: -ComputerName, -Port, -InformationLevel (Detailed, Quiet)  

Example: Test-NetConnection -ComputerName example.com -Port 443  


Why use it? Perfect for “Is HTTPS open?” or checking that a custom service port is reachable.


3. Get-NetTCPConnection  

What it does: Lists all active TCP connections and their states.  

Key parameters: -State (Established, Listen, etc.)  

Example: Get-NetTCPConnection -State Established | Select-Object LocalAddress,LocalPort,RemoteAddress,RemotePort,State  


Why use it? Spot hanging or suspicious connections before they become a problem.


4. Get-NetUDPEndpoint  

What it does: Shows all active UDP endpoints (no state, but great for DNS/streaming checks).  

Example: Get-NetUDPEndpoint | Format-Table -AutoSize  


Why use it? UDP is stateless, so this gives you a quick snapshot of what’s listening.


5. Get-NetAdapter  

What it does: Displays adapter details (status, speed, MAC).  

Example: Get-NetAdapter | Format-Table Name, Status, LinkSpeed, MacAddress  


Why use it? If your Wi‑Fi feels sluggish or a NIC is down, this command tells you right away.


6. Get-NetIPAddress  

What it does: Lists IP addresses assigned to each interface.  

Example: Get-NetIPAddress -AddressFamily IPv4 | Format-Table IPAddress,InterfaceAlias,PrefixLength  


Why use it? Handy when you forget your IP or suspect a DHCP issue.


7. Get-NetRoute  

What it does: Shows the routing table.  

Example: Get-NetRoute | Sort-Object DestinationPrefix | Format-Table DestinationPrefix,NextHop,InterfaceAlias  


Why use it? If traffic isn’t going where you expect, this is the map you need.


8. Get-NetFirewallRule  

What it does: Lists firewall rules that could be blocking traffic.  

Example: Get-NetFirewallRule -Enabled True | Format-Table Name,Direction,Profile,Action,DisplayName  


Why use it? When an app suddenly stops working or a port is unreachable, check the firewall first.


9. Get-NetAdapterStatistics  

What it does: Shows packet statistics per adapter (sent, received, errors).  

Example: Get-NetAdapterStatistics | Format-Table Name,ReceivedBytes,SentBytes,ReceivedUnicastPackets,SentUnicastPackets  


Why use it? If you suspect packet loss or a NIC is misbehaving, the numbers tell the story.


10. New-NetEventSession + Add-NetEventPacketCaptureProvider  

What it does: Captures live network packets for deep inspection (requires Windows 10/Server 2016+).  

Key parameters: -Name, -Provider (Microsoft-Windows-PacketCapture)  

Example:

# Create a session that writes the capture to an .etl file

New-NetEventSession -Name "MyCapture" -LocalFilePath "C:\Temp\capture.etl"

# Add the packet capture provider (filters optional)

Add-NetEventPacketCaptureProvider -SessionName "MyCapture"

# Start capturing

Start-NetEventSession -Name "MyCapture"

# Stop when done (after a few seconds or based on a trigger)

Stop-NetEventSession -Name "MyCapture"

# Remove the session; the capture stays in C:\Temp\capture.etl for Wireshark

Remove-NetEventSession -Name "MyCapture"

Why use it? When you need a full packet dump (e.g., to debug TLS handshakes or DNS anomalies). The exported .etl file can be opened in Wireshark for a familiar UI.
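
The capture steps above, wrapped as an added example (not code from the original post) that applies an address filter, limits how much of each packet is stored, stops after a fixed time, and always removes the session. The function name, session name, output path, placeholder address 192.0.2.10 and the default limits are assumptions chosen for illustration.

```powershell
#Requires -RunAsAdministrator
# Added example: time-boxed, filtered packet capture with guaranteed cleanup.
# Assumed values: function name, session name, output path, target address, limits.
function Invoke-TimedCapture {
    [CmdletBinding()]
    param(
        [string]$SessionName = 'TroubleshootCapture',
        [string]$Path = 'C:\Temp\capture.etl',
        [string[]]$IpAddress = @('192.0.2.10'),    # placeholder address (TEST-NET-1)
        [ValidateRange(1, 600)][int]$Seconds = 30, # hard upper bound on capture time
        [uint16]$TruncationLength = 128,           # bytes kept per packet (headers, little payload)
        [uint32]$MaxFileSizeMB = 100               # cap on the .etl file size
    )
    $ErrorActionPreference = 'Stop'

    # A leftover session with the same name makes New-NetEventSession fail.
    $stale = Get-NetEventSession -Name $SessionName -ErrorAction SilentlyContinue
    if ($stale) {
        if ($stale.SessionStatus -eq 'Running') { Stop-NetEventSession -Name $SessionName }
        Remove-NetEventSession -Name $SessionName
    }

    # Make sure the output folder exists before the session opens the file.
    New-Item -ItemType Directory -Path (Split-Path -Parent $Path) -Force | Out-Null
    New-NetEventSession -Name $SessionName -LocalFilePath $Path `
        -MaxFileSize $MaxFileSizeMB | Out-Null
    try {
        # Only traffic to or from the listed addresses is recorded.
        Add-NetEventPacketCaptureProvider -SessionName $SessionName `
            -IpAddresses $IpAddress -TruncationLength $TruncationLength | Out-Null
        Start-NetEventSession -Name $SessionName
        Start-Sleep -Seconds $Seconds
    }
    finally {
        # Runs on errors and Ctrl+C too, so no capture keeps running unnoticed.
        $s = Get-NetEventSession -Name $SessionName -ErrorAction SilentlyContinue
        if ($s -and $s.SessionStatus -eq 'Running') { Stop-NetEventSession -Name $SessionName }
        Remove-NetEventSession -Name $SessionName -ErrorAction SilentlyContinue
    }
    # Return the capture file so the caller can confirm its size and timestamp.
    Get-Item -Path $Path | Select-Object FullName, Length, LastWriteTime
}

# Usage: capture 30 seconds of traffic for one host.
Invoke-TimedCapture -IpAddress '192.0.2.10' -Seconds 30
```

The resulting .etl file can contain credentials and other sensitive payload data, so store it with restricted access and delete it once the investigation is done.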
